RubyGems - puppet - Versions diffs - 6.23.0 → 7.0.0 - Mend

puppet 6.23.0 → 7.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (581) hide show

checksums.yaml +4 -4
data/CODEOWNERS +16 -2
data/Gemfile +1 -3
data/Gemfile.lock +34 -46
data/README.md +1 -1
data/conf/fileserver.conf +5 -10
data/ext/build_defaults.yaml +1 -1
data/ext/osx/file_mapping.yaml +0 -5
data/ext/osx/puppet.plist +0 -2
data/ext/project_data.yaml +1 -14
data/ext/redhat/puppet.spec.erb +0 -1
data/ext/windows/service/daemon.rb +6 -5
data/install.rb +21 -17
data/lib/puppet.rb +11 -20
data/lib/puppet/application.rb +178 -108
data/lib/puppet/application/agent.rb +4 -12
data/lib/puppet/application/apply.rb +2 -4
data/lib/puppet/application/device.rb +100 -106
data/lib/puppet/application/filebucket.rb +13 -9
data/lib/puppet/application/resource.rb +1 -2
data/lib/puppet/application/script.rb +0 -2
data/lib/puppet/application/ssl.rb +1 -12
data/lib/puppet/application_support.rb +0 -7
data/lib/puppet/configurer.rb +30 -45
data/lib/puppet/configurer/downloader.rb +1 -2
data/lib/puppet/configurer/plugin_handler.rb +21 -19
data/lib/puppet/defaults.rb +100 -192
data/lib/puppet/environments.rb +60 -74
data/lib/puppet/face/facts.rb +5 -103
data/lib/puppet/face/help.rb +1 -1
data/lib/puppet/face/plugin.rb +5 -8
data/lib/puppet/ffi/windows.rb +12 -0
data/lib/puppet/ffi/windows/api_types.rb +311 -0
data/lib/puppet/ffi/windows/constants.rb +404 -0
data/lib/puppet/ffi/windows/functions.rb +628 -0
data/lib/puppet/ffi/windows/structs.rb +338 -0
data/lib/puppet/file_serving/configuration.rb +0 -5
data/lib/puppet/file_serving/configuration/parser.rb +3 -32
data/lib/puppet/file_serving/fileset.rb +2 -14
data/lib/puppet/file_serving/http_metadata.rb +1 -1
data/lib/puppet/file_serving/mount.rb +1 -2
data/lib/puppet/file_system/memory_file.rb +1 -8
data/lib/puppet/file_system/windows.rb +0 -2
data/lib/puppet/forge/repository.rb +0 -1
data/lib/puppet/functions/all.rb +1 -1
data/lib/puppet/functions/camelcase.rb +1 -1
data/lib/puppet/functions/capitalize.rb +2 -2
data/lib/puppet/functions/downcase.rb +2 -2
data/lib/puppet/functions/get.rb +5 -5
data/lib/puppet/functions/group_by.rb +5 -13
data/lib/puppet/functions/lest.rb +1 -1
data/lib/puppet/functions/new.rb +100 -100
data/lib/puppet/functions/partition.rb +4 -12
data/lib/puppet/functions/require.rb +5 -5
data/lib/puppet/functions/sort.rb +3 -3
data/lib/puppet/functions/tree_each.rb +9 -7
data/lib/puppet/functions/type.rb +4 -4
data/lib/puppet/functions/upcase.rb +2 -2
data/lib/puppet/generate/models/type/type.rb +4 -1
data/lib/puppet/http.rb +22 -13
data/lib/puppet/http/client.rb +164 -114
data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
data/lib/puppet/http/errors.rb +16 -0
data/lib/puppet/http/external_client.rb +5 -7
data/lib/puppet/{network/http → http}/factory.rb +8 -15
data/lib/puppet/{network/http → http}/pool.rb +61 -26
data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
data/lib/puppet/http/proxy.rb +137 -0
data/lib/puppet/http/redirector.rb +4 -12
data/lib/puppet/http/resolver.rb +5 -15
data/lib/puppet/http/resolver/server_list.rb +10 -25
data/lib/puppet/http/resolver/settings.rb +4 -7
data/lib/puppet/http/resolver/srv.rb +7 -11
data/lib/puppet/http/response.rb +36 -54
data/lib/puppet/http/response_converter.rb +24 -0
data/lib/puppet/http/response_net_http.rb +42 -0
data/lib/puppet/http/retry_after_handler.rb +4 -13
data/lib/puppet/http/service.rb +12 -26
data/lib/puppet/http/service/ca.rb +11 -22
data/lib/puppet/http/service/compiler.rb +22 -138
data/lib/puppet/http/service/file_server.rb +19 -29
data/lib/puppet/http/service/puppetserver.rb +26 -12
data/lib/puppet/http/service/report.rb +8 -10
data/lib/puppet/http/session.rb +11 -20
data/lib/puppet/{network/http → http}/site.rb +1 -2
data/lib/puppet/indirector/catalog/compiler.rb +0 -1
data/lib/puppet/indirector/catalog/rest.rb +2 -4
data/lib/puppet/indirector/facts/rest.rb +3 -22
data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
data/lib/puppet/indirector/file_content/rest.rb +2 -6
data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
data/lib/puppet/indirector/file_server.rb +1 -8
data/lib/puppet/indirector/generic_http.rb +0 -11
data/lib/puppet/indirector/node/rest.rb +2 -4
data/lib/puppet/indirector/report/rest.rb +3 -8
data/lib/puppet/indirector/request.rb +0 -101
data/lib/puppet/indirector/rest.rb +12 -263
data/lib/puppet/module_tool/applications.rb +0 -1
data/lib/puppet/module_tool/applications/installer.rb +2 -48
data/lib/puppet/module_tool/errors/shared.rb +2 -17
data/lib/puppet/network/authconfig.rb +2 -96
data/lib/puppet/network/authorization.rb +13 -35
data/lib/puppet/network/formats.rb +0 -67
data/lib/puppet/network/http.rb +3 -3
data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
data/lib/puppet/network/http/api/master/v3.rb +11 -13
data/lib/puppet/network/http/connection.rb +247 -316
data/lib/puppet/network/http/handler.rb +0 -1
data/lib/puppet/network/http_pool.rb +16 -34
data/lib/puppet/node.rb +1 -30
data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
data/lib/puppet/pal/pal_impl.rb +3 -1
data/lib/puppet/parser/ast/leaf.rb +2 -3
data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
data/lib/puppet/parser/compiler.rb +0 -198
data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
data/lib/puppet/parser/resource.rb +0 -69
data/lib/puppet/parser/templatewrapper.rb +1 -1
data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
data/lib/puppet/pops/issues.rb +0 -5
data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
data/lib/puppet/pops/model/ast.pp +0 -42
data/lib/puppet/pops/model/ast.rb +0 -290
data/lib/puppet/pops/model/ast_transformer.rb +1 -1
data/lib/puppet/pops/model/factory.rb +0 -45
data/lib/puppet/pops/model/model_label_provider.rb +0 -5
data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
data/lib/puppet/pops/model/pn_transformer.rb +0 -16
data/lib/puppet/pops/parser/egrammar.ra +0 -56
data/lib/puppet/pops/parser/eparser.rb +1520 -1712
data/lib/puppet/pops/parser/lexer2.rb +4 -4
data/lib/puppet/pops/parser/parser_support.rb +0 -5
data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
data/lib/puppet/pops/types/type_calculator.rb +0 -7
data/lib/puppet/pops/types/type_parser.rb +0 -4
data/lib/puppet/pops/types/types.rb +0 -1
data/lib/puppet/pops/validation/checker4_0.rb +9 -37
data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
data/lib/puppet/property/list.rb +1 -1
data/lib/puppet/provider.rb +0 -13
data/lib/puppet/provider/group/groupadd.rb +8 -13
data/lib/puppet/provider/nameservice.rb +0 -18
data/lib/puppet/provider/package/apt.rb +2 -34
data/lib/puppet/provider/package/aptitude.rb +0 -6
data/lib/puppet/provider/package/dnfmodule.rb +1 -1
data/lib/puppet/provider/package/dpkg.rb +0 -10
data/lib/puppet/provider/package/gem.rb +23 -3
data/lib/puppet/provider/package/nim.rb +6 -11
data/lib/puppet/provider/package/pip.rb +0 -1
data/lib/puppet/provider/package/pkg.rb +0 -4
data/lib/puppet/provider/package/portage.rb +1 -1
data/lib/puppet/provider/package/puppet_gem.rb +1 -4
data/lib/puppet/provider/service/debian.rb +0 -2
data/lib/puppet/provider/service/smf.rb +191 -73
data/lib/puppet/provider/service/systemd.rb +4 -14
data/lib/puppet/provider/service/windows.rb +0 -38
data/lib/puppet/provider/user/aix.rb +2 -2
data/lib/puppet/provider/user/directoryservice.rb +10 -33
data/lib/puppet/provider/user/useradd.rb +8 -62
data/lib/puppet/reference/configuration.rb +8 -7
data/lib/puppet/reference/indirection.rb +1 -1
data/lib/puppet/resource.rb +1 -89
data/lib/puppet/resource/catalog.rb +1 -14
data/lib/puppet/resource/type.rb +3 -119
data/lib/puppet/resource/type_collection.rb +3 -48
data/lib/puppet/runtime.rb +1 -2
data/lib/puppet/settings.rb +73 -66
data/lib/puppet/settings/environment_conf.rb +0 -1
data/lib/puppet/settings/integer_setting.rb +17 -0
data/lib/puppet/settings/port_setting.rb +15 -0
data/lib/puppet/settings/priority_setting.rb +5 -4
data/lib/puppet/ssl.rb +10 -6
data/lib/puppet/ssl/base.rb +3 -5
data/lib/puppet/ssl/certificate.rb +0 -6
data/lib/puppet/ssl/certificate_request.rb +1 -12
data/lib/puppet/ssl/certificate_signer.rb +6 -0
data/lib/puppet/ssl/oids.rb +3 -1
data/lib/puppet/ssl/ssl_provider.rb +17 -0
data/lib/puppet/ssl/state_machine.rb +3 -1
data/lib/puppet/ssl/verifier.rb +2 -0
data/lib/puppet/test/test_helper.rb +1 -3
data/lib/puppet/transaction.rb +1 -7
data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
data/lib/puppet/transaction/report.rb +2 -4
data/lib/puppet/type.rb +0 -76
data/lib/puppet/type/file.rb +6 -26
data/lib/puppet/type/file/checksum.rb +1 -1
data/lib/puppet/type/file/selcontext.rb +1 -1
data/lib/puppet/type/file/source.rb +1 -1
data/lib/puppet/type/filebucket.rb +3 -3
data/lib/puppet/type/package.rb +8 -16
data/lib/puppet/type/service.rb +38 -18
data/lib/puppet/type/tidy.rb +2 -21
data/lib/puppet/type/user.rb +20 -38
data/lib/puppet/util/autoload.rb +8 -1
data/lib/puppet/util/execution.rb +0 -11
data/lib/puppet/util/http_proxy.rb +2 -215
data/lib/puppet/util/monkey_patches.rb +0 -53
data/lib/puppet/util/posix.rb +5 -54
data/lib/puppet/util/rdoc.rb +0 -7
data/lib/puppet/util/retry_action.rb +1 -1
data/lib/puppet/util/run_mode.rb +9 -1
data/lib/puppet/util/selinux.rb +4 -30
data/lib/puppet/util/windows.rb +3 -8
data/lib/puppet/util/windows/adsi.rb +0 -46
data/lib/puppet/util/windows/daemon.rb +360 -0
data/lib/puppet/util/windows/error.rb +1 -0
data/lib/puppet/util/windows/eventlog.rb +4 -9
data/lib/puppet/util/windows/file.rb +8 -242
data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
data/lib/puppet/util/windows/principal.rb +2 -9
data/lib/puppet/util/windows/process.rb +4 -226
data/lib/puppet/util/windows/service.rb +9 -460
data/lib/puppet/util/windows/sid.rb +2 -4
data/lib/puppet/util/windows/string.rb +12 -13
data/lib/puppet/util/yaml.rb +0 -22
data/lib/puppet/vendor/require_vendored.rb +0 -1
data/lib/puppet/version.rb +1 -1
data/lib/puppet/x509.rb +5 -1
data/lib/puppet/x509/cert_provider.rb +29 -1
data/locales/puppet.pot +651 -1436
data/man/man5/puppet.conf.5 +266 -354
data/man/man8/puppet-agent.8 +2 -2
data/man/man8/puppet-apply.8 +2 -2
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-config.8 +1 -1
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +2 -2
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +4 -47
data/man/man8/puppet-filebucket.8 +4 -4
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +1 -1
data/man/man8/puppet-lookup.8 +1 -1
data/man/man8/puppet-module.8 +1 -58
data/man/man8/puppet-node.8 +1 -1
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +1 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +2 -2
data/man/man8/puppet-ssl.8 +1 -5
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
data/spec/fixtures/ssl/ca.pem +35 -57
data/spec/fixtures/ssl/crl.pem +18 -28
data/spec/fixtures/ssl/ec-key.pem +11 -11
data/spec/fixtures/ssl/ec.pem +24 -33
data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
data/spec/fixtures/ssl/encrypted-key.pem +58 -108
data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
data/spec/fixtures/ssl/intermediate.pem +36 -57
data/spec/fixtures/ssl/pluto-key.pem +57 -107
data/spec/fixtures/ssl/pluto.pem +30 -52
data/spec/fixtures/ssl/request-key.pem +57 -107
data/spec/fixtures/ssl/request.pem +26 -47
data/spec/fixtures/ssl/revoked-key.pem +57 -107
data/spec/fixtures/ssl/revoked.pem +30 -52
data/spec/fixtures/ssl/signed-key.pem +57 -107
data/spec/fixtures/ssl/signed.pem +30 -52
data/spec/fixtures/ssl/tampered-cert.pem +30 -52
data/spec/fixtures/ssl/tampered-csr.pem +26 -47
data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
data/spec/fixtures/ssl/unknown-ca.pem +33 -55
data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
data/spec/integration/application/agent_spec.rb +27 -171
data/spec/integration/application/apply_spec.rb +1 -20
data/spec/integration/application/filebucket_spec.rb +16 -16
data/spec/integration/application/help_spec.rb +2 -0
data/spec/integration/application/plugin_spec.rb +24 -2
data/spec/integration/defaults_spec.rb +14 -3
data/spec/integration/http/client_spec.rb +0 -12
data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
data/spec/integration/network/http_pool_spec.rb +3 -21
data/spec/integration/parser/catalog_spec.rb +0 -38
data/spec/integration/parser/node_spec.rb +0 -9
data/spec/integration/parser/pcore_resource_spec.rb +0 -37
data/spec/integration/resource/type_collection_spec.rb +6 -2
data/spec/integration/transaction_spec.rb +9 -4
data/spec/integration/type/file_spec.rb +5 -4
data/spec/integration/util/windows/adsi_spec.rb +1 -21
data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
data/spec/integration/util/windows/principal_spec.rb +0 -21
data/spec/integration/util/windows/registry_spec.rb +10 -6
data/spec/integration/util/windows/security_spec.rb +1 -1
data/spec/lib/matchers/include.rb +27 -0
data/spec/lib/matchers/include_spec.rb +32 -0
data/spec/lib/puppet/test_ca.rb +2 -2
data/spec/lib/puppet_spec/puppetserver.rb +1 -1
data/spec/lib/puppet_spec/settings.rb +1 -0
data/spec/spec_helper.rb +7 -12
data/spec/unit/agent_spec.rb +6 -10
data/spec/unit/application/agent_spec.rb +3 -7
data/spec/unit/application/facts_spec.rb +12 -456
data/spec/unit/application/filebucket_spec.rb +43 -39
data/spec/unit/application/ssl_spec.rb +2 -25
data/spec/unit/application_spec.rb +9 -51
data/spec/unit/certificate_factory_spec.rb +1 -1
data/spec/unit/configurer/downloader_spec.rb +6 -8
data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
data/spec/unit/configurer_spec.rb +12 -32
data/spec/unit/confine/feature_spec.rb +1 -1
data/spec/unit/confine_spec.rb +2 -8
data/spec/unit/context/trusted_information_spec.rb +2 -6
data/spec/unit/defaults_spec.rb +68 -54
data/spec/unit/environments_spec.rb +68 -224
data/spec/unit/face/node_spec.rb +11 -0
data/spec/unit/face/plugin_spec.rb +73 -33
data/spec/unit/file_bucket/file_spec.rb +1 -1
data/spec/unit/file_serving/configuration/parser_spec.rb +15 -18
data/spec/unit/file_serving/configuration_spec.rb +6 -12
data/spec/unit/file_serving/fileset_spec.rb +0 -60
data/spec/unit/file_serving/metadata_spec.rb +3 -3
data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
data/spec/unit/file_system_spec.rb +0 -9
data/spec/unit/forge/module_release_spec.rb +7 -2
data/spec/unit/functions/camelcase_spec.rb +1 -1
data/spec/unit/functions/capitalize_spec.rb +1 -1
data/spec/unit/functions/downcase_spec.rb +1 -1
data/spec/unit/functions/upcase_spec.rb +1 -1
data/spec/unit/gettext/config_spec.rb +0 -12
data/spec/unit/http/client_spec.rb +7 -8
data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
data/spec/unit/http/external_client_spec.rb +4 -4
data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
data/spec/unit/http/resolver_spec.rb +13 -13
data/spec/unit/http/service/compiler_spec.rb +0 -185
data/spec/unit/http/service/file_server_spec.rb +3 -3
data/spec/unit/http/service/puppetserver_spec.rb +34 -4
data/spec/unit/http/service_spec.rb +0 -1
data/spec/unit/http/session_spec.rb +16 -14
data/spec/unit/{network/http → http}/site_spec.rb +3 -3
data/spec/unit/indirector/catalog/compiler_spec.rb +10 -14
data/spec/unit/indirector/face_spec.rb +1 -0
data/spec/unit/indirector/facts/facter_spec.rb +3 -0
data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
data/spec/unit/indirector/file_server_spec.rb +1 -15
data/spec/unit/indirector/indirection_spec.rb +12 -8
data/spec/unit/indirector/report/rest_spec.rb +2 -17
data/spec/unit/indirector/request_spec.rb +0 -264
data/spec/unit/indirector/rest_spec.rb +98 -752
data/spec/unit/indirector_spec.rb +2 -2
data/spec/unit/module_tool/applications/installer_spec.rb +0 -66
data/spec/unit/network/authconfig_spec.rb +2 -129
data/spec/unit/network/authorization_spec.rb +2 -55
data/spec/unit/network/formats_spec.rb +4 -45
data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
data/spec/unit/network/http/api_spec.rb +10 -0
data/spec/unit/network/http/connection_spec.rb +19 -41
data/spec/unit/network/http/handler_spec.rb +0 -1
data/spec/unit/network/http_pool_spec.rb +0 -4
data/spec/unit/node/environment_spec.rb +33 -21
data/spec/unit/node_spec.rb +2 -54
data/spec/unit/parser/compiler_spec.rb +19 -3
data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
data/spec/unit/parser/resource_spec.rb +8 -14
data/spec/unit/parser/templatewrapper_spec.rb +3 -4
data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
data/spec/unit/pops/types/type_factory_spec.rb +1 -1
data/spec/unit/pops/validator/validator_spec.rb +61 -46
data/spec/unit/pops/visitor_spec.rb +1 -1
data/spec/unit/property_spec.rb +0 -1
data/spec/unit/provider/group/groupadd_spec.rb +2 -5
data/spec/unit/provider/nameservice_spec.rb +64 -122
data/spec/unit/provider/package/apt_spec.rb +23 -28
data/spec/unit/provider/package/aptitude_spec.rb +1 -1
data/spec/unit/provider/package/base_spec.rb +5 -6
data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
data/spec/unit/provider/package/dpkg_spec.rb +0 -48
data/spec/unit/provider/package/gem_spec.rb +32 -0
data/spec/unit/provider/package/nim_spec.rb +0 -42
data/spec/unit/provider/package/pacman_spec.rb +12 -18
data/spec/unit/provider/package/pip_spec.rb +11 -6
data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
data/spec/unit/provider/service/init_spec.rb +0 -1
data/spec/unit/provider/service/openwrt_spec.rb +1 -3
data/spec/unit/provider/service/smf_spec.rb +401 -165
data/spec/unit/provider/service/systemd_spec.rb +8 -53
data/spec/unit/provider/service/windows_spec.rb +0 -203
data/spec/unit/provider/user/aix_spec.rb +0 -5
data/spec/unit/provider/user/directoryservice_spec.rb +35 -67
data/spec/unit/provider/user/hpux_spec.rb +1 -1
data/spec/unit/provider/user/pw_spec.rb +0 -2
data/spec/unit/provider/user/useradd_spec.rb +3 -71
data/spec/unit/provider_spec.rb +8 -18
data/spec/unit/resource/catalog_spec.rb +1 -1
data/spec/unit/resource/type_collection_spec.rb +2 -22
data/spec/unit/resource/type_spec.rb +1 -1
data/spec/unit/resource_spec.rb +10 -67
data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
data/spec/unit/settings/integer_setting_spec.rb +42 -0
data/spec/unit/settings/port_setting_spec.rb +31 -0
data/spec/unit/settings/priority_setting_spec.rb +4 -4
data/spec/unit/settings_spec.rb +23 -13
data/spec/unit/ssl/base_spec.rb +37 -3
data/spec/unit/ssl/certificate_request_spec.rb +15 -45
data/spec/unit/ssl/certificate_spec.rb +2 -11
data/spec/unit/ssl/ssl_provider_spec.rb +2 -5
data/spec/unit/ssl/state_machine_spec.rb +5 -20
data/spec/unit/ssl/verifier_spec.rb +0 -21
data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
data/spec/unit/transaction/event_manager_spec.rb +11 -14
data/spec/unit/transaction/report_spec.rb +0 -2
data/spec/unit/transaction/resource_harness_spec.rb +2 -2
data/spec/unit/transaction_spec.rb +55 -96
data/spec/unit/type/file/checksum_spec.rb +6 -6
data/spec/unit/type/file/content_spec.rb +2 -1
data/spec/unit/type/file/ensure_spec.rb +1 -1
data/spec/unit/type/file/mode_spec.rb +1 -1
data/spec/unit/type/file/selinux_spec.rb +5 -3
data/spec/unit/type/file/source_spec.rb +0 -1
data/spec/unit/type/file_spec.rb +18 -6
data/spec/unit/type/group_spec.rb +6 -13
data/spec/unit/type/package_spec.rb +1 -1
data/spec/unit/type/resources_spec.rb +7 -7
data/spec/unit/type/service_spec.rb +189 -60
data/spec/unit/type/tidy_spec.rb +8 -17
data/spec/unit/type/user_spec.rb +0 -45
data/spec/unit/type_spec.rb +22 -2
data/spec/unit/util/at_fork_spec.rb +2 -2
data/spec/unit/util/autoload_spec.rb +1 -5
data/spec/unit/util/backups_spec.rb +2 -3
data/spec/unit/util/execution_spec.rb +11 -44
data/spec/unit/util/inifile_spec.rb +14 -6
data/spec/unit/util/log_spec.rb +7 -8
data/spec/unit/util/logging_spec.rb +3 -3
data/spec/unit/util/monkey_patches_spec.rb +0 -6
data/spec/unit/util/posix_spec.rb +15 -363
data/spec/unit/util/run_mode_spec.rb +21 -121
data/spec/unit/util/selinux_spec.rb +68 -163
data/spec/unit/util/storage_spec.rb +1 -3
data/spec/unit/util/suidmanager_spec.rb +41 -44
data/spec/unit/util/windows/sid_spec.rb +0 -6
data/spec/unit/util/windows/string_spec.rb +1 -3
data/spec/unit/util/yaml_spec.rb +0 -54
data/spec/unit/util_spec.rb +6 -31
data/tasks/generate_cert_fixtures.rake +2 -2
metadata +44 -181
data/conf/auth.conf +0 -150
data/lib/puppet/application/cert.rb +0 -76
data/lib/puppet/application/key.rb +0 -4
data/lib/puppet/application/man.rb +0 -4
data/lib/puppet/application/status.rb +0 -4
data/lib/puppet/face/key.rb +0 -16
data/lib/puppet/face/man.rb +0 -145
data/lib/puppet/face/module/build.rb +0 -14
data/lib/puppet/face/module/generate.rb +0 -14
data/lib/puppet/face/module/search.rb +0 -103
data/lib/puppet/face/status.rb +0 -51
data/lib/puppet/ffi/posix.rb +0 -10
data/lib/puppet/ffi/posix/constants.rb +0 -14
data/lib/puppet/ffi/posix/functions.rb +0 -24
data/lib/puppet/indirector/certificate/file.rb +0 -9
data/lib/puppet/indirector/certificate/rest.rb +0 -18
data/lib/puppet/indirector/certificate_request/file.rb +0 -9
data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
data/lib/puppet/indirector/file_content/http.rb +0 -22
data/lib/puppet/indirector/key/file.rb +0 -46
data/lib/puppet/indirector/key/memory.rb +0 -7
data/lib/puppet/indirector/ssl_file.rb +0 -162
data/lib/puppet/indirector/status.rb +0 -3
data/lib/puppet/indirector/status/local.rb +0 -12
data/lib/puppet/indirector/status/rest.rb +0 -27
data/lib/puppet/module_tool/applications/searcher.rb +0 -29
data/lib/puppet/network/auth_config_parser.rb +0 -90
data/lib/puppet/network/authstore.rb +0 -283
data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
data/lib/puppet/network/http/base_pool.rb +0 -36
data/lib/puppet/network/http/compression.rb +0 -127
data/lib/puppet/network/http/connection_adapter.rb +0 -184
data/lib/puppet/network/http/nocache_pool.rb +0 -28
data/lib/puppet/network/rest_controller.rb +0 -2
data/lib/puppet/network/rights.rb +0 -210
data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
data/lib/puppet/parser/environment_compiler.rb +0 -202
data/lib/puppet/pops/types/enumeration.rb +0 -16
data/lib/puppet/resource/capability_finder.rb +0 -154
data/lib/puppet/rest/errors.rb +0 -15
data/lib/puppet/rest/response.rb +0 -35
data/lib/puppet/rest/route.rb +0 -85
data/lib/puppet/rest/routes.rb +0 -135
data/lib/puppet/settings/alias_setting.rb +0 -37
data/lib/puppet/ssl/host.rb +0 -505
data/lib/puppet/ssl/key.rb +0 -61
data/lib/puppet/ssl/validator.rb +0 -61
data/lib/puppet/ssl/validator/default_validator.rb +0 -209
data/lib/puppet/ssl/validator/no_validator.rb +0 -22
data/lib/puppet/ssl/verifier_adapter.rb +0 -58
data/lib/puppet/status.rb +0 -40
data/lib/puppet/util/connection.rb +0 -88
data/lib/puppet/util/fact_dif.rb +0 -81
data/lib/puppet/util/ssl.rb +0 -83
data/lib/puppet/util/windows/api_types.rb +0 -309
data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
data/lib/puppet/vendor/load_pathspec.rb +0 -1
data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
data/lib/puppet/vendor/pathspec/LICENSE +0 -201
data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
data/lib/puppet/vendor/pathspec/README.md +0 -53
data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
data/man/man8/puppet-key.8 +0 -126
data/man/man8/puppet-man.8 +0 -76
data/man/man8/puppet-status.8 +0 -108
data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -91
data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
data/spec/integration/application/resource_spec.rb +0 -30
data/spec/integration/network/authconfig_spec.rb +0 -256
data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
data/spec/unit/application/man_spec.rb +0 -52
data/spec/unit/capability_spec.rb +0 -414
data/spec/unit/face/key_spec.rb +0 -9
data/spec/unit/face/module/search_spec.rb +0 -231
data/spec/unit/face/status_spec.rb +0 -9
data/spec/unit/indirector/certificate/file_spec.rb +0 -14
data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
data/spec/unit/indirector/key/file_spec.rb +0 -78
data/spec/unit/indirector/ssl_file_spec.rb +0 -305
data/spec/unit/indirector/status/local_spec.rb +0 -10
data/spec/unit/indirector/status/rest_spec.rb +0 -50
data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
data/spec/unit/network/auth_config_parser_spec.rb +0 -115
data/spec/unit/network/authstore_spec.rb +0 -422
data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
data/spec/unit/network/http/compression_spec.rb +0 -240
data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
data/spec/unit/network/http_spec.rb +0 -9
data/spec/unit/network/rights_spec.rb +0 -439
data/spec/unit/parser/environment_compiler_spec.rb +0 -730
data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
data/spec/unit/pops/types/enumeration_spec.rb +0 -51
data/spec/unit/resource/capability_finder_spec.rb +0 -148
data/spec/unit/rest/route_spec.rb +0 -132
data/spec/unit/ssl/host_spec.rb +0 -645
data/spec/unit/ssl/key_spec.rb +0 -173
data/spec/unit/ssl/validator_spec.rb +0 -278
data/spec/unit/status_spec.rb +0 -45
data/spec/unit/util/ssl_spec.rb +0 -91

data/lib/puppet/provider/package/dnfmodule.rb CHANGED Viewed

@@ -93,7 +93,7 @@ Puppet::Type.type(:package).provide :dnfmodule, :parent => :dnf do
         # module has no default profile and no profile was requested, so just enable the stream
         # DNF versions prior to 4.2.8 do not need this workaround
         # see https://bugzilla.redhat.com/show_bug.cgi?id=1669527
-        if @resource[:flavor] == nil && e.message =~ /^(?:missing|broken) groups or modules: #{Regexp.quote(@resource[:name])}$/
+        if @resource[:flavor] == nil && e.message =~ /^missing groups or modules: #{Regexp.quote(@resource[:name])}$/
           enable(args)
         else
           raise

data/lib/puppet/provider/package/dpkg.rb CHANGED Viewed

@@ -173,13 +173,6 @@ Puppet::Type.type(:package).provide :dpkg, :parent => Puppet::Provider::Package
     dpkg "--purge", @resource[:name]
   end
-  def deprecated_hold
-    if package_not_installed?
-      self.install
-    end
-    hold
-  end
   def hold
     Tempfile.open('puppet_dpkg_set_selection') do |tmpfile|
       tmpfile.write("#{@resource[:name]} hold\n")
@@ -196,7 +189,4 @@ Puppet::Type.type(:package).provide :dpkg, :parent => Puppet::Provider::Package
     end
   end
-  def package_not_installed?
-    query[:status] != "installed"
-  end
 end

data/lib/puppet/provider/package/gem.rb CHANGED Viewed

@@ -14,7 +14,7 @@ Puppet::Type.type(:package).provide :gem, :parent => Puppet::Provider::Package::
     This provider supports the `install_options` and `uninstall_options` attributes,
     which allow command-line flags to be passed to the gem command.
-    These options should be specified as an array where each element is either a
+    These options should be specified as an array where each element is either a
     string or a hash."
   has_feature :versionable, :install_options, :uninstall_options, :targetable, :version_ranges
@@ -36,7 +36,11 @@ Puppet::Type.type(:package).provide :gem, :parent => Puppet::Provider::Package::
   # Required by Puppet::Provider::Package::Targetable::resource_or_provider_command
   def self.provider_command
-    command(:gemcmd)
+    if Puppet::Util::Platform.windows?
+      Puppet::Util.withenv(PATH: windows_path_without_puppet_bin) { command(:gemcmd) }
+    else
+      command(:gemcmd)
+    end
   end
   # Define the default provider package command as optional when the provider is targetable.
@@ -46,6 +50,18 @@ Puppet::Type.type(:package).provide :gem, :parent => Puppet::Provider::Package::
     is_optional
   end
+  # Having puppet/bin in PATH makes gem provider to use puppet/bin/gem
+  # This is an utility methods that reads the PATH and returns a string
+  # that contains the content of PATH but without puppet/bin dir.
+  # This is used to pass a custom PATH and execute commands in a controlled environment
+  def self.windows_path_without_puppet_bin
+    @path ||= Puppet::Util.get_env('PATH').split(File::PATH_SEPARATOR)
+                                          .reject { |dir| dir =~ /puppet\\bin$/ }
+                                          .join(File::PATH_SEPARATOR)
+  end
+  private_class_method :windows_path_without_puppet_bin
   # CommandDefiner in provider.rb creates convenience execution methods that set failonfail, combine, and optionally, environment.
   # And when a child provider defines its own command via commands() or has_command(), the provider-specific path is always returned by command().
   # But when the convenience execution method is invoked, the last convenience method to be defined is executed.
@@ -59,6 +75,10 @@ Puppet::Type.type(:package).provide :gem, :parent => Puppet::Provider::Package::
     custom_environment = {'HOME'=>Puppet::Util.get_env('HOME')}.merge(custom_environment)
+    if Puppet::Util::Platform.windows?
+      custom_environment[:PATH] = windows_path_without_puppet_bin
+    end
     execute(cmd, {:failonfail => true, :combine => true, :custom_environment => custom_environment})
   end
@@ -152,7 +172,7 @@ Puppet::Type.type(:package).provide :gem, :parent => Puppet::Provider::Package::
         end
       end
     end
     begin
       # Range intersections are not supported by Gem::Requirement, so just split by comma.
       dependency = Gem::Dependency.new('', should.split(','))

data/lib/puppet/provider/package/nim.rb CHANGED Viewed

@@ -154,25 +154,20 @@ Puppet::Type.type(:package).provide :nim, :parent => :aix, :source => :aix do
   # I spent a lot of time trying to figure out a solution that didn't
   # require parsing the `nimclient -o showres` output and was unable to
   # do so.
-  self::HEADER_LINE_REGEX      = /^([^\s]+)\s+[^@]+@@(I|R|S):(\1)\s+[^\s]+$/
-  self::PACKAGE_LINE_REGEX     = /^.*@@(I|R|S):(.*)$/
-  self::RPM_PACKAGE_REGEX      = /^(.*)-(.*-\d+\w*) \2$/
+  self::HEADER_LINE_REGEX      = /^([^\s]+)\s+[^@]+@@(I|R):(\1)\s+[^\s]+$/
+  self::PACKAGE_LINE_REGEX     = /^.*@@(I|R):(.*)$/
+  self::RPM_PACKAGE_REGEX      = /^(.*)-(.*-\d+) \2$/
   self::INSTALLP_PACKAGE_REGEX = /^(.*) (.*)$/
   # Here is some sample output that shows what the above regexes will be up
   # against:
-  # FOR AN INSTALLP(bff) PACKAGE:
+  # FOR AN INSTALLP PACKAGE:
   #
   #    mypackage.foo                                                           ALL  @@I:mypackage.foo _all_filesets
+  #    @ 1.2.3.1  MyPackage Runtime Environment                       @@I:mypackage.foo 1.2.3.1
   #    + 1.2.3.4  MyPackage Runtime Environment                       @@I:mypackage.foo 1.2.3.4
   #    + 1.2.3.8  MyPackage Runtime Environment                       @@I:mypackage.foo 1.2.3.8
   #
-  # FOR AN INSTALLP(bff) PACKAGE with security update:
-  #
-  #    bos.net                                                                 ALL  @@S:bos.net _all_filesets
-  #    + 7.2.0.1  TCP/IP ntp Applications                             @@S:bos.net.tcp.ntp 7.2.0.1
-  #    + 7.2.0.2  TCP/IP ntp Applications                             @@S:bos.net.tcp.ntp 7.2.0.2
-  #
   # FOR AN RPM PACKAGE:
   #
   # mypackage.foo                                                                ALL  @@R:mypackage.foo _all_filesets
@@ -248,7 +243,7 @@ Puppet::Type.type(:package).provide :nim, :parent => :aix, :source => :aix do
     package_string = match.captures[1]
     case package_type_flag
-      when "I","S"
+      when "I"
         parse_installp_package_string(package_string)
       when "R"
         parse_rpm_package_string(package_string)

data/lib/puppet/provider/package/pip.rb CHANGED Viewed

@@ -4,7 +4,6 @@
 require 'puppet/util/package/version/pip'
 require 'puppet/util/package/version/range'
 require 'puppet/provider/package_targetable'
-require 'puppet/util/http_proxy'
 Puppet::Type.type(:package).provide :pip, :parent => ::Puppet::Provider::Package::Targetable do

data/lib/puppet/provider/package/pkg.rb CHANGED Viewed

@@ -114,10 +114,6 @@ Puppet::Type.type(:package).provide :pkg, :parent => Puppet::Provider::Package d
     end).merge({:provider => self.name})
   end
-  def deprecated_hold
-    hold
-  end
   def hold
     pkg(:freeze, @resource[:name])
   end

data/lib/puppet/provider/package/portage.rb CHANGED Viewed

@@ -112,7 +112,7 @@ Puppet::Type.type(:package).provide :portage, :parent => Puppet::Provider::Packa
       # do the search
       should = @resource[:ensure]
       case should
-      # The terms present, absent, purged, held, installed, latest in :ensure
+      # The terms present, absent, purged, installed, latest in :ensure
       # resolve as Symbols, and we do not need specific package version in this case
       when true, false, Symbol
         search = @resource[:name]

data/lib/puppet/provider/package/puppet_gem.rb CHANGED Viewed

@@ -5,10 +5,7 @@ Puppet::Type.type(:package).provide :puppet_gem, :parent => :gem do
   has_feature :versionable, :install_options, :uninstall_options
   if Puppet::Util::Platform.windows?
-    # On windows, we put our ruby ahead of anything that already
-    # existed on the system PATH. This means that we do not need to
-    # sort out the absolute path.
-    commands :gemcmd => "gem"
+    commands :gemcmd => File.join(Puppet::Util.get_env('PUPPET_DIR').to_s, 'bin', 'gem.bat')
   else
     commands :gemcmd => "/opt/puppetlabs/puppet/bin/gem"
   end

data/lib/puppet/provider/service/debian.rb CHANGED Viewed

@@ -17,8 +17,6 @@ Puppet::Type.type(:service).provide :debian, :parent => :init do
   commands :invoke_rc => "/usr/sbin/invoke-rc.d"
   commands :service => "/usr/sbin/service"
-  confine :false => Puppet::FileSystem.exist?('/proc/1/comm') && Puppet::FileSystem.read('/proc/1/comm').include?('systemd')
   defaultfor :operatingsystem => :cumuluslinux, :operatingsystemmajrelease => ['1','2']
   defaultfor :operatingsystem => :debian, :operatingsystemmajrelease => ['5','6','7']
   defaultfor :operatingsystem => :devuan

data/lib/puppet/provider/service/smf.rb CHANGED Viewed

@@ -5,48 +5,100 @@ Puppet::Type.type(:service).provide :smf, :parent => :base do
   desc <<-EOT
     Support for Sun's new Service Management Framework.
-    Starting a service is effectively equivalent to enabling it, so there is
-    only support for starting and stopping services, which also enables and
-    disables them, respectively.
+    When managing the enable property, this provider will try to preserve
+    the previous ensure state per the enableable semantics. On Solaris,
+    enabling a service starts it up while disabling a service stops it. Thus,
+    there's a chance for this provider to execute two operations when managing
+    the enable property. For example, if enable is set to true and the ensure
+    state is stopped, this provider will manage the service using two operations:
+    one to enable the service which will start it up, and another to stop the
+    service (without affecting its enabled status).
     By specifying `manifest => "/path/to/service.xml"`, the SMF manifest will
     be imported if it does not exist.
   EOT
   defaultfor :osfamily => :solaris
   confine :osfamily => :solaris
-  commands :adm => "/usr/sbin/svcadm", :svcs => "/usr/bin/svcs"
-  commands :svccfg => "/usr/sbin/svccfg"
+  commands :adm => "/usr/sbin/svcadm",
+           :svcs => "/usr/bin/svcs",
+           :svccfg => "/usr/sbin/svccfg"
   has_feature :refreshable
-  def setupservice
-      if resource[:manifest]
-        begin
-          svcs("-l", @resource[:name])
-        rescue Puppet::ExecutionFailure
-          Puppet.notice "Importing #{@resource[:manifest]} for #{@resource[:name]}"
-          svccfg :import, resource[:manifest]
-        end
-      end
+  def self.instances
+    service_instances = svcs("-H", "-o", "state,fmri" ).split("\n")
+    # Puppet does not manage services in the legacy_run state, so filter those out.
+    service_instances.reject! { |line| line =~ /^legacy_run/ }
+    service_instances.collect! do |line|
+      state, fmri = line.split(/\s+/)
+      status =  case state
+                when /online/; :running
+                when /maintenance/; :maintenance
+                when /degraded/; :degraded
+                else :stopped
+                end
+      new({:name => fmri, :ensure => status})
+    end
+    service_instances
+  end
+  def initialize(*args)
+    super(*args)
+    # This hash contains the properties we need to sync. in our flush method.
+    #
+    # TODO (PUP-9051): Should we use @property_hash here? It seems like
+    # @property_hash should be empty by default and is something we can
+    # control so I think so?
+    @properties_to_sync = {}
+  end
+  def service_exists?
+    self.service_fmri
+    true
+  rescue Puppet::ExecutionFailure
+    false
+  end
+  def setup_service
+    return unless @resource[:manifest]
+    return if self.service_exists?
+    Puppet.notice("Importing #{@resource[:manifest]} for #{@resource[:name]}")
+    svccfg(:import, @resource[:manifest])
   rescue Puppet::ExecutionFailure => detail
-      raise Puppet::Error.new( "Cannot config #{self.name} to enable it: #{detail}", detail )
+    raise Puppet::Error.new( "Cannot config #{@resource[:name]} to enable it: #{detail}", detail )
   end
-  def self.instances
-   svcs("-H", "-o", "state,fmri" ).split("\n").select{|l| l !~ /^legacy_run/ }.collect do |line|
-     state,fmri = line.split(/\s+/)
-     status =  case state
-               when /online/; :running
-               when /maintenance/; :maintenance
-               when /degraded/; :degraded
-               else :stopped
-               end
-     new({:name => fmri, :ensure => status})
-   end
+  # Returns the service's FMRI. We fail if multiple FMRIs correspond to
+  # @resource[:name].
+  #
+  # If the service does not exist or we fail to get any FMRIs from svcs,
+  # this method will raise a Puppet::ExecutionFailure
+  def service_fmri
+    return @fmri if @fmri
+    # `svcs -l` is better to use because we can detect service instances
+    # that have not yet been activated or enabled (i.e. it lets us detect
+    # services that svcadm has not yet touched). `svcs -H -o fmri` is a bit
+    # more limited.
+    lines = svcs("-l", @resource[:name]).chomp.lines.to_a
+    lines.select! { |line| line =~ /^fmri/ }
+    fmris = lines.map! { |line| line.split(' ')[-1].chomp }
+    unless fmris.length == 1
+      raise Puppet::Error.new(
+        "Failed to get #{@resource[:name]}'s FMRI: The pattern '#{@resource[:name]}' matches multiple FMRIs! These are the FMRIs it matches: #{fmris.join(', ')}"
+      )
+    end
+    @fmri = fmris.first
   end
   # Returns the service's FMRI. We fail if multiple FMRIs correspond to
@@ -96,51 +148,50 @@ Puppet::Type.type(:service).provide :smf, :parent => :base do
   end
   def enable
-    self.start
+    @properties_to_sync[:enable] = true
   end
   def enabled?
-    case self.status
-    when :running
-      return :true
-    else
-      return :false
-    end
+    return :false unless service_exists?
+    _property, _type, value = svccfg("-s", self.service_fmri, "listprop", "general/enabled").split(' ')
+    value == 'true' ? :true : :false
   end
   def disable
-    self.stop
+    @properties_to_sync[:enable] = false
   end
   def restartcmd
     if Puppet::Util::Package.versioncmp(Facter.value(:operatingsystemrelease), '11.2') >= 0
-      [command(:adm), :restart, "-s", @resource[:name]]
+      [command(:adm), :restart, "-s", self.service_fmri]
     else
       # Synchronous restart only supported in Solaris 11.2 and above
-      [command(:adm), :restart, @resource[:name]]
+      [command(:adm), :restart, self.service_fmri]
     end
   end
-  def startcmd
-    self.setupservice
-    case self.status
-    when :maintenance, :degraded
-      [command(:adm), :clear, @resource[:name]]
-    else
-      [command(:adm), :enable, "-rs", @resource[:name]]
-    end
+  def service_states
+    # Gets the current and next state of the service. We have a next state because SMF
+    # manages services asynchronously. If there is no 'next' state, svcs will put a '-'
+    # to indicate as such.
+    current_state, next_state = svcs("-H", "-o", "state,nstate", self.service_fmri).chomp.split(' ')
+    {
+      :current => current_state,
+      :next => next_state == "-" ? nil : next_state
+    }
   end
   # Wait for the service to transition into the specified state before returning.
   # This is necessary due to the asynchronous nature of SMF services.
-  # desired_state should be online, offline, disabled, or uninitialized.
+  # desired_states should include only online, offline, disabled, or uninitialized.
   # See PUP-5474 for long-term solution to this issue.
-  def wait(*desired_state)
+  def wait(*desired_states)
     Timeout.timeout(60) do
       loop do
         states = self.service_states
-        break if desired_state.include?(states[0]) && states[1] == '-'
-        sleep(1)
+        break if desired_states.include?(states[:current]) && states[:next].nil?
+        Kernel.sleep(1)
       end
     end
   rescue Timeout::Error
@@ -148,15 +199,11 @@ Puppet::Type.type(:service).provide :smf, :parent => :base do
   end
   def start
-    # Wait for the service to actually start before returning.
-    super
-    self.wait('online')
+    @properties_to_sync[:ensure] = :running
   end
   def stop
-    # Wait for the service to actually stop before returning.
-    super
-    self.wait('offline', 'disabled', 'uninitialized')
+    @properties_to_sync[:ensure] = :stopped
   end
   def restart
@@ -165,16 +212,8 @@ Puppet::Type.type(:service).provide :smf, :parent => :base do
     self.wait('online')
   end
-  # Determine the current and next states of a service.
-  def service_states
-    svcs("-H", "-o", "state,nstate", @resource[:name]).chomp.split
-  end
   def status
-    if @resource[:status]
-      super
-      return
-    end
+    return super if @resource[:status]
     begin
       if supports_incomplete_services?
@@ -185,10 +224,10 @@ Puppet::Type.type(:service).provide :smf, :parent => :base do
         end
       end
-      # get the current state and the next state, and if the next
-      # state is set (i.e. not "-") use it for state comparison
-      states = service_states
-      state = states[1] == "-" ? states[0] : states[1]
+      # Get the current state and the next state. If there is a next state,
+      # use that for the state comparison.
+      states = self.service_states
+      state = states[:next] || states[:current]
     rescue Puppet::ExecutionFailure
       # TODO (PUP-8957): Should this be set back to INFO ?
       debug "Could not get status on service #{self.name} #{$!}"
@@ -197,10 +236,8 @@ Puppet::Type.type(:service).provide :smf, :parent => :base do
     case state
     when "online"
-      #self.warning "matched running #{line.inspect}"
       return :running
     when "offline", "disabled", "uninitialized"
-      #self.warning "matched stopped #{line.inspect}"
       return :stopped
     when "maintenance"
       return :maintenance
@@ -213,11 +250,92 @@ Puppet::Type.type(:service).provide :smf, :parent => :base do
       raise Puppet::Error,
         "Unmanageable state '#{state}' on service #{self.name}"
     end
+  end
+  # Helper that encapsulates the clear + svcadm [enable|disable]
+  # logic in one place. Makes it easy to test things out and also
+  # cleans up flush's code.
+  def maybe_clear_service_then_svcadm(cur_state, subcmd, flags)
+    # If the cur_state is maint or degraded, then we need to clear the service
+    # before we enable or disable it.
+    adm('clear', self.service_fmri) if [:maintenance, :degraded].include?(cur_state)
+    adm(subcmd, flags, self.service_fmri)
   end
-  def stopcmd
-    [command(:adm), :disable, "-s", @resource[:name]]
+  # The flush method is necessary for the SMF provider because syncing the enable and ensure
+  # properties are not independent operations like they are in most of our other service
+  # providers.
+  def flush
+    # We append the "_" because ensure is a Ruby keyword, and it is good to keep property
+    # variable names consistent with each other.
+    enable_, ensure_ = @properties_to_sync[:enable], @properties_to_sync[:ensure]
+    # All of the relevant properties are in sync., so we do not need to do
+    # anything here.
+    return if enable_.nil? and ensure_.nil?
+    # Set-up our service so that we know it will exist and so we can collect its fmri. Also
+    # simplifies the code. For a nonexistent service, one of enable or ensure will be true
+    # here (since we're syncing them), so we can fail early if setup_service fails.
+    setup_service
+    fmri = self.service_fmri
+    # Useful constants for operations involving multiple states
+    stopped = ['offline', 'disabled', 'uninitialized']
+    # Get the current state of the service.
+    cur_state = self.status
+    if enable_.nil?
+      # Only ensure needs to be syncd. The -t flag tells svcadm to temporarily
+      # enable/disable the service, where the temporary status is gone upon
+      # reboot. This is exactly what we want, because we do not want to touch
+      # the enable property.
+      if ensure_ == :stopped
+        self.maybe_clear_service_then_svcadm(cur_state, 'disable', '-st')
+        wait(*stopped)
+      else # ensure == :running
+        self.maybe_clear_service_then_svcadm(cur_state, 'enable', '-rst')
+        wait('online')
+      end
+      return
+    end
+    # Here, enable is being syncd. svcadm starts the service if we enable it, or shuts it down if we
+    # disable it. However, we want our service to be in a final state, which is either whatever the
+    # new ensured value is, or what our original state was prior to enabling it.
+    #
+    # NOTE: Even if you try to set the general/enabled property with svccfg, SMF will still
+    # try to start or shut down the service. Plus, setting general/enabled with svccfg does not
+    # enable the service's dependencies, while svcadm handles this correctly.
+    #
+    # NOTE: We're treating :running and :degraded the same. The reason is b/c an SMF managed service
+    # can only enter the :degraded state if it is online. Since disabling the service also shuts it
+    # off, we cannot set it back to the :degraded state. Thus, it is best to lump :running and :degraded
+    # into the same category to maintain a consistent postcondition on the service's final state when
+    # enabling and disabling it.
+    final_state = ensure_ || cur_state
+    final_state = :running if final_state == :degraded
+    if enable_
+      self.maybe_clear_service_then_svcadm(cur_state, 'enable', '-rs')
+    else
+      self.maybe_clear_service_then_svcadm(cur_state, 'disable', '-s')
+    end
+    # We're safe with 'whens' here since self.status already errors on any
+    # unmanageable states.
+    case final_state
+    when :running
+      adm('enable', '-rst', fmri) unless enable_
+      wait('online')
+    when :stopped
+      adm('disable', '-st', fmri) if enable_
+      wait(*stopped)
+    when :maintenance
+      adm('mark', '-I', 'maintenance', fmri)
+      wait('maintenance')
+    end
   end
 end